attached are my dds and attach txt results and my problem is when i use firefox there comes a pop up window with this url `http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=800x440§ion=2922708&pub_url=${PUB_URL` and i think that s because of clicking ads to download from sharecash and the downloaded programs over sharecash......
DDS Results
.
DDS (Ver_11-05-19.01) - NTFSx86 MINIMAL
Internet Explorer: 8.0.7600.16385
Run by aycan at 15:21:29 on 2012-06-12
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1024.567 [GMT -7:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Users\aycan\Downloads\dds.scr
C:\Windows\system32\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
uRun: [NokiaOviSuite2] c:\program files\nokia\nokia ovi suite\NokiaOviSuite.exe -tray
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RecSche] "c:\tvr\RecSche.exe"
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [DrvLsnr] c:\program files\analog devices\soundmax\DrvLsnr.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: {561EBBF7-4242-4418-8200-15621F7A6661} = 212.65.129.2 212.65.140.142
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\aycan\appdata\roaming\mozilla\firefox\profiles\upheee7n.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-4-3 63928]
S2 BT848;CxVCap, WDM Video Capture;c:\windows\system32\drivers\cxvcap.sys [2012-5-7 68991]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 CXTUNER;CxTuner, WDM TvTuner;c:\windows\system32\drivers\cxtuner.sys [2012-5-7 30337]
S2 CXXBAR;CxXBar, WDM Crossbar;c:\windows\system32\drivers\cxxbar.sys [2012-5-7 9439]
S2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-1-17 331608]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe -product hss --> c:\program files\hotspot shield\bin\hsswd.exe -product HSS [?]
S2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2012-5-3 96056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-15 257696]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-7-26 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-7-26 8576]
S3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2012-4-10 135440]
S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
.
=============== Created Last 30 ================
.
2012-06-11 17:45:22 -------- d-----w- c:\program files\VideoLAN
2012-06-10 21:43:49 -------- d-----w- c:\program files\CardRecovery
2012-06-10 20:08:10 -------- d-----w- c:\programdata\Nokia
2012-06-03 21:11:31 -------- d-----w- c:\programdata\PC Tools
2012-06-03 21:11:30 -------- d-----w- c:\users\aycan\appdata\roaming\TestApp
2012-06-03 16:43:36 -------- d-----w- c:\users\aycan\appdata\roaming\PCTools
2012-06-03 15:59:03 -------- d-----w- c:\program files\PC Tools
2012-06-03 11:24:55 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-06-03 11:24:55 -------- d-----w- c:\program files\common files\PC Tools
2012-05-29 19:28:20 388096 ----a-r- c:\users\aycan\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-05-29 19:28:20 -------- d-----w- c:\program files\Trend Micro
2012-05-29 19:08:35 -------- d-sh--w- C:\$RECYCLE.BIN
2012-05-29 19:08:30 -------- d-----w- c:\users\aycan\appdata\local\temp
2012-05-29 18:50:06 98816 ----a-w- c:\windows\sed.exe
2012-05-29 18:50:06 518144 ----a-w- c:\windows\SWREG.exe
2012-05-29 18:50:06 256000 ----a-w- c:\windows\PEV.exe
2012-05-29 18:50:06 208896 ----a-w- c:\windows\MBR.exe
2012-05-25 07:41:21 -------- d-----w- c:\users\aycan\appdata\local\Mozilla
2012-05-25 06:56:31 -------- d-----r- C:\Sandbox
2012-05-25 06:54:57 -------- d-----w- c:\program files\Sandboxie
2012-05-25 06:49:41 -------- d-----w- c:\users\aycan\appdata\roaming\IDM
2012-05-25 06:49:41 -------- d-----w- c:\users\aycan\appdata\roaming\DMCache
2012-05-25 06:49:35 -------- d-----w- c:\program files\Internet Download Manager
2012-05-16 06:44:14 -------- d-----w- C:\Hotspot Shield
2012-05-16 06:42:11 -------- d-----w- c:\program files\Hotspot Shield
2012-05-16 06:02:48 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-16 06:02:48 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-16 05:08:22 6734704 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{05c320d4-5049-4ae5-906f-7c0fca58220b}\mpengine.dll
2012-05-16 05:08:20 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-16 04:39:54 -------- d-----w- C:\TVR
2012-05-16 01:18:43 -------- d-----w- c:\users\aycan\appdata\local\NokiaAccount
2012-05-16 01:07:11 -------- d-----w- c:\users\aycan\appdata\local\Nokia
2012-05-16 01:04:25 -------- d-----w- c:\program files\common files\Nokia
2012-05-16 01:03:52 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-05-16 01:03:42 -------- d-----w- c:\program files\PC Connectivity Solution
2012-05-16 01:02:57 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-05-16 01:02:01 -------- d-sh--w- c:\windows\Installer
2012-05-16 01:01:44 -------- d-----w- c:\programdata\NokiaInstallerCache
2012-05-16 01:01:44 -------- d-----w- c:\program files\Nokia
2012-05-16 01:00:18 -------- d-----w- c:\windows\system32\wbem\Performance
2012-05-16 00:56:30 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2012-05-16 00:56:27 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2012-05-16 00:56:27 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2012-05-16 00:56:27 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2012-05-16 00:56:27 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-05-16 00:56:27 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2012-05-16 00:56:27 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2012-05-16 00:56:22 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2012-05-16 00:56:21 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2012-05-16 00:56:16 -------- d-----w- C:\NVIDIA
2012-05-16 00:38:54 -------- d-----w- c:\users\aycan\appdata\local\ElevatedDiagnostics
2012-05-15 23:34:23 -------- d-----w- c:\windows\Panther
.
==================== Find3M ====================
.
2012-04-23 11:26:26 96056 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.
============= FINISH: 15:22:12.85 ===============
ATTACH TXT
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-05-19.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 5/15/2012 3:42:23 PM
System Uptime: 6/12/2012 3:19:50 PM (0 hours ago)
.
Motherboard: Compaq | | 07E8h
Processor: Intel(R) Pentium(R) 4 CPU 2.00GHz | | 1994/769mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 10 GiB total, 0.141 GiB free.
D: is FIXED (NTFS) - 49 GiB total, 25.797 GiB free.
E: is FIXED (FAT32) - 49 GiB total, 4.626 GiB free.
F: is FIXED (NTFS) - 41 GiB total, 4.066 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP9: 5/29/2012 12:27:46 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
CardRecovery 5.30
HiJackThis
Hotspot Shield 2.25
Internet Download Manager
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Mozilla Firefox 7.0.1 (x86 en-US)
MSVC80_x86_v2
MSVC90_x86
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
NVIDIA Drivers
Ovi Desktop Sync Engine
OviMPlatform
PC Connectivity Solution
Sandboxie 3.68 (32-bit)
SoundMAX
VLC media player 1.1.11
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
WinRAR 4.20 beta 1 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
6/12/2012 3:21:17 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:21:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/12/2012 3:21:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/12/2012 3:21:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/12/2012 3:21:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/12/2012 3:21:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/12/2012 3:20:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/12/2012 3:20:36 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x00000003, 0x846a7668, 0x052f7b0a, 0x82832ee0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061212-43703-01.
6/12/2012 3:20:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf ws2ifsl
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The Hotspot Shield Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/12/2012 3:20:14 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/10/2012 9:24:48 PM, Error: Service Control Manager [7023] -
6/10/2012 9:21:55 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================